Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/4dca34-745c-4180-b0f0-01dda374d67f/1/1bAhsehBJlk8722YgDQTqnLQAeA.mft
File: 1bAhsehBJlk8722YgDQTqnLQAeA.mft (raw, json)
Hash identifier: FSa3VWLhPBmMX03OHq1tCeEVe0/MCg5O3OJFpWgioSQ=
Subject key identifier: 08:F0:95:86:DF:E6:B3:AE:86:F6:13:7D:78:13:19:E0:1E:FD:89:75
Authority key identifier: D5:B0:21:B1:E8:41:26:59:3C:EF:6D:98:80:34:13:AA:72:D0:01:E0
Certificate issuer: /CN=d5b021b1e84126593cef6d98803413aa72d001e0
Certificate serial: 019A7112C20F5B511BDF3385121948EB48A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1bAhsehBJlk8722YgDQTqnLQAeA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/4dca34-745c-4180-b0f0-01dda374d67f/1/1bAhsehBJlk8722YgDQTqnLQAeA.mft
Manifest number: 4B
Signing time: Tue 11 Nov 2025 04:00:45 +0000
Manifest this update: Tue 11 Nov 2025 04:00:45 +0000
Manifest next update: Wed 12 Nov 2025 04:00:45 +0000
Files and hashes: 1: 0EWA36I6mOSoPIDfmQ0kLWD6rlg.roa (hash: OJc1UNQ6b/j4oso8+DOkIj53sxADM+WwR3tDYFPAPDk=)
2: 1bAhsehBJlk8722YgDQTqnLQAeA.crl (hash: wd3GkoixM6PETDxpbppZ/OJhEhpu6DoG8g3VDynUm7Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/4dca34-745c-4180-b0f0-01dda374d67f/1/1bAhsehBJlk8722YgDQTqnLQAeA.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/4dca34-745c-4180-b0f0-01dda374d67f/1/1bAhsehBJlk8722YgDQTqnLQAeA.mft
rsync://rpki.ripe.net/repository/DEFAULT/1bAhsehBJlk8722YgDQTqnLQAeA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 04:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:12:c2:0f:5b:51:1b:df:33:85:12:19:48:eb:48:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5b021b1e84126593cef6d98803413aa72d001e0
Validity
Not Before: Nov 11 04:00:45 2025 GMT
Not After : Nov 12 04:00:45 2025 GMT
Subject: CN=08f09586dfe6b3ae86f6137d781319e01efd8975
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a9:c9:42:f2:aa:05:1d:84:90:f4:33:9d:7b:
e2:ad:4f:e0:50:78:72:79:3c:19:f6:8a:5f:bb:08:
e2:9f:b8:61:22:af:fb:fd:b8:7c:62:62:c4:0b:bf:
4f:2f:90:bb:be:3c:74:13:67:76:52:53:0c:b4:9b:
cd:2e:75:73:a2:01:2a:6c:55:f5:7a:b0:1e:91:2c:
90:d2:c5:5b:4a:ff:5d:94:fc:f7:ca:e3:68:c7:a7:
89:b3:6c:56:62:60:0d:4e:f3:7b:2a:f2:ed:e7:5a:
f4:2f:11:52:c7:be:e1:4e:75:51:e4:41:30:b9:7c:
aa:28:a4:22:8c:86:db:c8:41:8a:bf:be:d8:99:a1:
c2:3d:6b:c8:9d:64:8d:73:cf:ac:ea:ad:bc:cf:d1:
e3:95:b9:04:a5:47:c1:fe:42:d2:ba:f9:62:bc:60:
56:0c:33:20:61:a4:fa:70:55:77:3f:20:be:ab:2f:
0b:6a:86:47:c2:90:76:89:60:48:7f:f4:cc:9c:fd:
77:57:5e:35:ac:a6:8c:fe:d5:77:c4:97:ab:f8:03:
ab:cf:5e:20:4f:1a:5c:99:6c:26:d4:c9:c5:0f:01:
28:9e:e9:91:03:bd:42:f5:7b:3a:8a:ff:e1:41:15:
56:3b:b9:fe:04:a0:44:a2:ae:77:b8:bb:e7:b9:f7:
76:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:F0:95:86:DF:E6:B3:AE:86:F6:13:7D:78:13:19:E0:1E:FD:89:75
X509v3 Authority Key Identifier:
keyid:D5:B0:21:B1:E8:41:26:59:3C:EF:6D:98:80:34:13:AA:72:D0:01:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1bAhsehBJlk8722YgDQTqnLQAeA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4dca34-745c-4180-b0f0-01dda374d67f/1/1bAhsehBJlk8722YgDQTqnLQAeA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4dca34-745c-4180-b0f0-01dda374d67f/1/1bAhsehBJlk8722YgDQTqnLQAeA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
44:a6:10:32:76:08:86:ee:13:94:73:50:97:f7:4e:2d:93:0b:
60:27:51:90:d4:65:60:ce:e9:12:49:27:80:10:fd:53:29:66:
ac:cd:a7:3c:b8:57:30:8c:64:3b:b3:12:14:04:97:25:48:bf:
f5:56:38:7f:1b:c9:08:be:07:4b:53:10:a0:c8:8d:89:59:df:
2d:46:9d:06:0e:4b:c5:be:43:f0:36:f3:63:ee:20:c3:76:3c:
e0:5e:9d:be:0b:42:19:5d:0c:17:d2:9e:05:5e:3f:a8:95:3c:
6b:b1:ba:3a:35:fb:f9:6a:19:a6:35:d7:da:22:8d:b8:f6:8b:
68:e8:21:3a:86:45:47:d3:9f:66:1e:3c:19:81:c6:5c:f9:26:
d5:dd:8e:6e:ee:fc:80:f0:f7:2b:c4:d7:10:30:94:65:aa:34:
c5:73:53:fe:3e:eb:e1:2d:c3:22:60:e4:8a:3b:aa:27:34:de:
3f:f3:4c:3e:b8:65:c2:7e:a5:64:0a:a8:42:04:73:9a:2b:57:
f1:c2:15:eb:18:f9:d4:17:25:e8:19:ac:06:ba:52:5b:54:60:
c2:da:39:a5:64:25:bf:4d:7c:5c:05:fb:aa:af:4e:74:62:a5:
41:53:27:9e:52:46:a0:b1:be:01:d7:d8:78:ad:5b:c1:a1:58:
ba:0d:2b:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEsIPW1Eb3zOFEhlI60ipMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1YjAyMWIxZTg0MTI2NTkzY2VmNmQ5ODgwMzQxM2FhNzJk
MDAxZTAwHhcNMjUxMTExMDQwMDQ1WhcNMjUxMTEyMDQwMDQ1WjAzMTEwLwYDVQQD
EygwOGYwOTU4NmRmZTZiM2FlODZmNjEzN2Q3ODEzMTllMDFlZmQ4OTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtanJQvKqBR2EkPQznXvirU/gUHhy
eTwZ9opfuwjin7hhIq/7/bh8YmLEC79PL5C7vjx0E2d2UlMMtJvNLnVzogEqbFX1
erAekSyQ0sVbSv9dlPz3yuNox6eJs2xWYmANTvN7KvLt51r0LxFSx77hTnVR5EEw
uXyqKKQijIbbyEGKv77YmaHCPWvInWSNc8+s6q28z9HjlbkEpUfB/kLSuvlivGBW
DDMgYaT6cFV3PyC+qy8LaoZHwpB2iWBIf/TMnP13V141rKaM/tV3xJer+AOrz14g
TxpcmWwm1MnFDwEonumRA71C9Xs6iv/hQRVWO7n+BKBEoq53uLvnufd2vwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAjwlYbf5rOuhvYTfXgTGeAe/Yl1MB8GA1UdIwQY
MBaAFNWwIbHoQSZZPO9tmIA0E6py0AHgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWJBaHNlaEJKbGs4NzIyWWdEUVRxbkxRQWVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80ZGNhMzQtNzQ1Yy00MTgwLWIwZjAt
MDFkZGEzNzRkNjdmLzEvMWJBaHNlaEJKbGs4NzIyWWdEUVRxbkxRQWVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80ZGNhMzQtNzQ1Yy00MTgwLWIwZjAtMDFkZGEzNzRkNjdm
LzEvMWJBaHNlaEJKbGs4NzIyWWdEUVRxbkxRQWVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARKYQMnYI
hu4TlHNQl/dOLZMLYCdRkNRlYM7pEkkngBD9UylmrM2nPLhXMIxkO7MSFASXJUi/
9VY4fxvJCL4HS1MQoMiNiVnfLUadBg5Lxb5D8DbzY+4gw3Y84F6dvgtCGV0MF9Ke
BV4/qJU8a7G6OjX7+WoZpjXX2iKNuPaLaOghOoZFR9OfZh48GYHGXPkm1d2Obu78
gPD3K8TXEDCUZao0xXNT/j7r4S3DImDkijuqJzTeP/NMPrhlwn6lZAqoQgRzmitX
8cIV6xj51Bcl6BmsBrpSW1Rgwto5pWQlv018XAX7qq9OdGKlQVMnnlJGoLG+AdfY
eK1bwaFYug0rEw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:25:00 2025 by rpki-client